18 matches found
SUSE CVE-2025-61907
Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...
DEBIAN-CVE-2025-61907
Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...
CVE-2025-61907 Icinga 2 API users could access restricted values in filter expressions
Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...
EUVD-2025-24214
Malicious code in bioql PyPI...
CVE-2025-42936
The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles. This issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impac...
CVE-2025-42936
The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles. This issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impac...
CVE-2025-42936 Missing Authorization check in SAP NetWeaver Application Server for ABAP
The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles. This issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impac...
CVE-2025-23203
Icinga Director is an Icinga config deployment tool. A security vulnerability has been found starting in version 1.0.0 and prior to 1.10.3 and 1.11.3 on several Director endpoints of the REST API. To reproduce this vulnerability an authenticated user with permission to access the Director is required...
PT-2024-33555 · Foundry · Foundry
Name of the Vulnerable Software and Affected Versions: Foundry, affected versions not specified. Description: A software bug could allow users without permission to view restricted objects directly through the Object Explorer under specific circumstances. This issue did not make data available acro...
Palantir Foundry security vulnerability
Palantir Foundry is a business process management platform from US-based Palantir, Inc. A security vulnerability exists in Palantir Foundry versions 105.110.1 through 105.115.0, which stems from the fact that Objects Supported by Restricted Views (OSV1) can be bypassed, allowing users not authorized to view such...
CVE-2022-29619
Under certain conditions, SAP BusinessObjects Business Intelligence Platform 4.x (versions 420, 430) allows the Administrator user to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted...
Phabricator: Conduit feed.publish API allows you to spoof other users or make it look like you have access to a restricted object
The Conduit feed.publish API allows a user to publish stories to the feed. The API accepts a parameter "type" which will be set to PhabricatorTokenGivenFeedStory and accepts JSON in the "data" parameter such as the following: "authorPHID": "PHID-USER-uyg3nn764yetx6nglnbx", "tokenPHID":...
CVE-2005-0088
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL...
DEBIAN-CVE-2005-0088
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL...
CVE-2005-0088
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL...
security flaw
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL...
CVE-2005-0088
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL...
CVE-2005-0088
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL...